Microsoft Agent Memory Corruption Vulnerability - CVE-2006-3445:
There is a remote code execution vulnerability in the way that Microsoft Agent handles specially crafted .ACF files. An attacker could exploit the vulnerability by constructing a specially crafted Web page that could potentially allow remote code execution if a user viewed the Web page. An attacker who successfully exploited this vulnerability could take complete control of an affected system.